How Do I Make My Login Form Work

Question

0.00/5 (No votes)

See more:

I am trying to make my user login system function properly but if i put in information that isn't in the database it automatically takes me into the file that is for users only . How can i fix it ?

register.php:

XML

<?php
include('db.php');

if (isset($_POST['submit'])) {
    if ($_POST['password'] == $_POST['password2']) {
        $username = $_POST['username'];
        $password = $_POST['password'];
        $password2 = $_POST['password2'];
        $email = $_POST['email'];

      $sql = "INSERT into users VALUES(null, '$username', '$password', '$password2', '$email')";
        mysqli_query($conn, $sql);
    }
}
//Here we will check do we have all inputs filled
if(empty($username)){

echo("Please enter a username to sign up.");
} else {
}

if(empty($password)){

echo("Please enter a password to sign up.");
} else {
}

if(empty($password2)){

echo("Please enter confirm password to sign up.");
} else {
}

if(empty($email)){

echo("Please enter a email to sign up.");
} else {
}

//Here we will check if the passwords match
if($password2 != $password){
    echo("Your passwords don't match");
} else {

}

// user login code

 if(isset($_POST["user_login"]) && isset($_POST["password_login"]))  {
$user_login = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["user_login"]); //   filter everything but numbers and letters
$password_login_md5 = md5($password_login);
$password_login = preg_replace('#[^A-Za-z0-9]#i', '',     $_POST["password_login"]); // filter everything but numbers and letters
$sql = mysqli_query("SELECT id FROM users WHERE username= '$user_login' AND  password='$password_login_md5' LIMIT 1");

  //check for their user existance
  $userCount = mysqli_num_rows($sql); //count the number of rows returned
  if($userCount == 1) {
    while($row = mysqli_fetch_array($sql)){
        $id = $row["id"];
    }
    $_SESSION["user_login"] = $user_login;
    header("location: home.php");
    exit();
}

} else{
    echo'That information is incorrect, try again';
    exit();
}
?>
<html>
<head>
<title>InterFace</title>
<link rel="stylesheet" type="text/css" href="css.css" >
</head>
<body bgcolor="#E6E6FA">

<nav>
    <div id="logo">
    <h1 style="font-size: 30px">InterFace</h1>
    <div>

    <form action="account.php" method="POST">
    <h2 style="text-align: left"><b style="font-size: 25px">Log In</b></h2>
    <p align="left"><input type="text" name="user_login" size="35" id="Username" placeholder="User Name" /></p>
    <p align="left"><input type="password" name="password_login" size="35"  id="Password" placeholder="Password" /></p>
    <p align="left"><input type="submit" name="login" value="Login"></p>
    </form>
    </div>

    </div>
</nav>
<h3 style="text-align: right"><b style="font-size: 25px">Sign Up Below</b></h3>
<form name="registration" method="post" action="">
  <p align="right"><input type="text" name="username" size="35" id="Username" placeholder="User Name" /></p>
    <br></br>
  <p align="right"><input type="password" name="password" size="35"  id="Password" placeholder="Password" /></p>
    <br></br>
  <p align="right"><input type="password" name="password2" size="35"  id="Password2" placeholder="Confirm Password" /></p>
    <br></br>
  <p align="right"><input type="text" name="email" size="35"  id="Email" placeholder="E-mail" /></p>
  <p align="right"><input type="submit" name="submit" value="submit"></p>
  </form>

</body>
</html>

Posted 10-Oct-15 5:25am

Member 10906424

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Shayan Hafeez · Answer 1 · 2015-11-18T10:42:00

Try this code:

if(isset($_POST["user_login"]) && isset($_POST["password_login"])) {

$user_login = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["user_login"]); //

$password_login_md5 = md5($password_login);

$password_login = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password_login"]); // filter everything but numbers and letters
$sql = mysqli_query("SELECT id FROM users WHERE username= '$user_login' AND password='$password_login_md5'");

if($sql)
{
$row=mysql_fetch_row($sql);
if($row > 0)
{
$_SESSION["user_login"] = $user_login;
header("location: home.php");
exit();
}
else{
echo'That information is incorrect, try again';
exit();
}
}